CVEs
This is the full list of CVEs that I have discovered and that have been published.
| CVE ID | Date | Description | Exploit Link | Blog Link |
|---|---|---|---|---|
| CVE-2024-3704 | 2024-04-11 | SQL injection in OpenGnsys 1.1.1d allowing login bypass and database access. | — | INCIBE advisory; OpenGnsys patch |
| CVE-2024-3705 | 2024-04-11 | Unrestricted file upload in OpenGnsys 1.1.1d allowing webshell upload. | — | INCIBE advisory; OpenGnsys patch |
| CVE-2024-3706 | 2024-04-11 | Information exposure in OpenGnsys 1.1.1d leaking database credentials. | — | INCIBE advisory; OpenGnsys patch |
| CVE-2024-3707 | 2024-04-11 | Information exposure in OpenGnsys 1.1.1d allowing web-tree file enumeration. | — | INCIBE advisory; OpenGnsys patch |
| CVE-2024-1343 | 2024-02-19 | Weak backup directory permissions in LaborOfficeFree 19.10 allowing backup file access. | — | INCIBE advisory |
| CVE-2024-1344 | 2024-02-19 | Recoverable database credentials in LaborOfficeFree 19.10 enabling privileged database access. | — | INCIBE advisory |
| CVE-2024-1345 | 2024-02-19 | Weak MySQL root password in LaborOfficeFree 19.10 vulnerable to brute force. | — | INCIBE advisory |
| CVE-2024-1346 | 2024-02-19 | Predictable MySQL root password in LaborOfficeFree 19.10 derived from constants. | GitHub PoC; Exploit-DB | INCIBE advisory |
| CVE-2024-7481; ZDI-24-1290 | 2024-08-20 | TeamViewer driver signature verification flaw allowing local privilege escalation via printer driver installation. | GitHub PoC | Finding TeamViewer 0days - Part III; ZDI-24-1290; TeamViewer bulletin |
| CVE-2024-7479; ZDI-24-1289 | 2024-08-20 | TeamViewer driver signature verification flaw allowing local privilege escalation via VPN driver installation. | GitHub PoC | Finding TeamViewer 0days - Part III; ZDI-24-1289; TeamViewer bulletin |
| CVE-2025-40678 | 2025-08-02 | Dangerous file upload in Summar Portal del Empleado via the absence attachment endpoint. | — | INCIBE advisory; GitHub advisory |
| CVE-2025-40677 | 2025-10-10 | SQL injection in Summar Portal del Empleado allowing database read/write operations. | GitHub PoC; Exploit-DB | INCIBE advisory |
| CVE-2025-68686 | 2025-12-01 | FortiOS information exposure allowing bypass of the symbolic-link persistence patch after prior compromise. | Checker Tool - GitHub | FortiGate Symlink Persistence Method; ITRES patch-bypass writeup; Fortinet PSIRT |
| CVE-2026-8076 | 2026-02-15 | Weak PIN-based credentials in CashDro 3 enabling brute-force access to administration. | — | Cashdro Vulnerabilities: From Pentest to Stealing Money; INCIBE advisory |
| CVE-2026-8077 | 2026-04-20 | Missing backend authorization in CashDro 3 allowing privilege escalation to administrator. | — | Cashdro Vulnerabilities: From Pentest to Stealing Money; INCIBE advisory |